By cruffin ·
Suddenly any link I click on takes me to ads page or coupons or anything other than what I expected. Also, cannot run HiJackThis or S&amp or IE7 executables. Looks like I have some nastiness embedded but can't find it or a way to find it. Help?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -


by ---TK--- In reply to Hijacked?

jumping into "safemode" and running the scans.

Collapse -

This may get you back on track...

by bincarnato In reply to Hijacked?

From another PC, download malwarebytes to a thumb drive from here:

Then rename the file extension from the .exe to .com
Go to hijacked PC and run the .com just like you would the .exe.

Once install has finished, browse tot he folder c:\program files\malwarebytes and copy the mbam.exe and paste it in the same folder. Then rename the .exe extension to .com on the copy of mbam.exe. Double-click the .com file. Tell it to do a quick scan and then remove all found items. Reboot the machine if it asks you to in order to finish removal of anything it has found. Once that has finished, try anything that was broke before to see if resolved. If not, executables may run now and run Malwarebytes again from start menu and tell it to update and run quick scan again and etc like above. Test again.

If still getting browser redirects, run ComboFix from here:
The links to download are about half way down the page. I use the bleepingcomputer one.

Rename the .exe extension on the downloaded file to .com and then copy to hijacked PC. Double-click the .com and sit back and let it do it's thing. Test after done.

If still havng issues, gets more complicated. Post back the Malwarebytes log and we can get an idea of what ails your machine.

(Edited because TinyURL didn't like link directly to ComboFix download.)

Collapse -

Good suggestions so far...

by dixon In reply to Hijacked?

...and I would add running Rootkit Revealer:

So much of the stuff like you're describing includes a rootkit component these days. You seemingly remove every detectable problem, using every AV tool out there, and it somehow returns.

But, a word of caution: take time to research the scan's results. RR routinely reports what can only be called 'false positives', such as the creepy sounding 'secrets' entry, which is Microsoft.

Collapse -

Just a follow up...

by bincarnato In reply to Hijacked?

I have found that S & D has become bloated and a scan takes entirely too long. In most cases, Malwarebytes has been as effective at removing all of the crapware as S&amp is/was, in a fraction of the time.

Collapse -

re: Follow Up

by ThumbsUp2 In reply to Just a follow up...

I have found that having multiple tools doesn't hurt one little bit.

You can run MalWareBytes in Safe Mode, multiple times, until it reports a clean system. Yet, S&amp will find something after that, as does any of the anti-virus scanners.

In today's world, running multiple tools stands a better chance of getting it all than trusting just one application.

Collapse -

Agreed but...

by bincarnato In reply to re: Follow Up

If I have system that is esentially unusable because all of the crapware on there, I run Malwarebytes first because it takes a fraction of the time to remove the crapware that S&amp takes. I was just pointing that out to the poster. S&amp used to be the same way, scans didn't take an hour to run. Now, it takes forever for it to run. I have a client that does most IT things in-house and one of the things the doctor/owner had one person doing was making sure a scan is run daily with S&amp on all 7-8 PCs. They have an AV suite installed on every machine in the building already. The person who had to run these scans every day asked me about it and I said that I had another peice of software that would do the same thing in a fraction of the time. I showed them Malwarebytes and then said that they shoudl show the doctor it when he was in. Anyway, folks couldn't use thier machines for ~1hr in the morning because they were running a S&amp scan and I couldn't convince the doctor that running a scan daily wasn't really needed and he pays the bills and signs the checks, so at least the scan times dramatically dropped.

Collapse -

too bad

by Snuffy09 In reply to Agreed but...

you cant set a time for Malwarebytes to run (free) S&amp can be set to scan daily at whatever time you want. you can also have it update daily. without paying for malwarebytes you cant do this.

Collapse -

if it allows you

by Snuffy09 In reply to Hijacked?

download/install superantispyware, update then, run in safemode (scan while disconnected from internet)

Related Discussions

Related Forums